Nancy and the Terrible Tale of Malware

January 24, 2018 in SiteLock Research, Small Business

Nancy is a small business owner who runs an ecommerce store selling women’s clothing. She knows there’s a lot of competition out there, so she works hard to make her customers happy. She’s found that one of the best ways to attract new customers and keep them coming back is by creating a feature-rich, user-friendly website that visitors love to use. Nancy’s website provides an easy shopping experience for her customers thanks to the features included with ecommerce plugins like Magento and WooCommerce. It also includes linked social media accounts, videos, pages of merchandise, and more!

One day, Nancy woke up to an inbox full of emails from frustrated customers. Something was wrong with her website! Her homepage had been unexpectedly replaced with a shocking message that offended many of her customers. To top it off, the message prevented customers from accessing the pages on her site, so no one could place an order. Confused and uncertain, her customers decided to take their business elsewhere and shop on her competitors’ websites instead.

How could this have happened? Well, it happened because Nancy’s website was infected with malware.

What is malware?

Among the many emails in Nancy’s inbox was one from her hosting provider, stating that her website had been suspended because of malware. Scared and frazzled, Nancy quickly turned to Google to learn more about malware. She found some helpful blogs that explained that malware is software created for malicious purposes and used to attack websites in a variety of ways. By attacking a site, cybercriminals can do bad things like steal traffic, obtain sensitive customer data (like credit card info), and more…

After further research, it became clear her website had been attacked by a specific type of malware called a defacement. Defacements are infections where cybercriminals replace a website’s content with their own message. You can think of it like a cybercriminal’s digital version of graffiti on a wall. The message can be shocking and used to promote the hacker’s political or religious viewpoints, or to simply publicize the cybercriminal’s “hacker name.”

How did the malware get in?

How did this cyberattack happen in the first place? What Nancy didn’t know is that website features, like plugins and linked social media accounts, need to be used with caution because they may create opportunities for security vulnerabilities.

For example, Nancy’s website had several outdated plugins installed that contained security flaws. Fortunately, developers had created security patches for these plugins. Unfortunately, Nancy never downloaded them. She was unaware that it was her responsibility to keep her plugins updated, and as a result, her website was vulnerable to attack. Had she downloaded updated versions of the plugins, they would have patched the vulnerabilities on her website. But it was too late… cybercriminals had already used the vulnerabilities to infect and deface Nancy’s website.

The reality is, Nancy’s website was at a high risk of attack from the start. Because plugins can contain vulnerabilities, the more plugins she installed, the higher that risk became. When her website had 6-10 plugins, it was twice as likely to be compromised than a website without plugins. But she kept adding more, and by the time she installed over 20 plugins, her website was 3 times more likely to be compromised than a website without plugins. On top of that, adding links to Facebook, LinkedIn, and Twitter made her website 4 times more likely to be compromised than websites that don’t link to all three social channels. While the plugins and social media links added features that made her website more appealing to her customers, they also made her website appealing to cybercriminals.

Why was Nancy’s website attacked?

If Nancy had known how likely her website was to be attacked, she would have done things differently. She didn’t realize cyberattacks were so common, or that the average website is attacked multiple time every day. Website defacements are also common, making up 15 percent of malware infections! It’s no wonder Nancy’s website was affected!

With plugin vulnerabilities creating opportunities for attacks to hit Nancy’s website, it was only a matter of time before something bad happened.

How can Nancy get ahead of vulnerabilities and make sure a defacement, or any other type of malware, doesn’t infect her website again?

Website security solutions save the day

Luckily, Nancy found a quick and easy security solution to fix her website and protect her visitors: a website scanner! A website scanner is ideal for small business owners like Nancy, because it finds malware and vulnerabilities automatically, saving her the stress of discovering a cyberattack after it’s too late.

The website scanner Nancy chose now looks for malicious activity every day and automatically removes the malware it finds, like the malware that caused her website to be defaced. Nancy’s customers now know that her website is malware free, thanks to the Trust Seal prominently displayed on site that shows that her website is protected. Additionally, Nancy understands that she needs to keep her plugins updated to prevent vulnerabilities, but just in case, the website scanner also looks for new vulnerabilities and alerts Nancy as soon as it detects new threats.

Today, Nancy’s business is better than ever! With a website scanner in place, Nancy now wakes up every morning with an inbox full of orders from happy customers. Her customers know her website is safe, and she has more time to spend making them happy because she knows her website security is being handled properly. Nancy wishes she had known the risks earlier, but can rest easy knowing that her website will be protected from now on.

Interested in getting the same protection for your business? SiteLock offers the only website scanner in the industry that automatically finds and removes known malware. Contact us anytime at 855.378.6200 to get started.

This data is based on the SiteLock Website Security Insider Q3 2017 from a database of over 6 million websites.

Latest Articles
Follow SiteLock